<?php

if(!defined('IN_L3Z')) {
	exit('Access Denied');
}

function login($username,$pwd)
{
	global $_G;
	$login_user=DB::fetch_first("select * from ".DB::table("member")." where username = '".$username."'");
	$exstr=substr($login_user['password'],0,5);
	if($exstr.substr(md5($pwd.$exstr),0,26)==$login_user['password'])
	{
//		print "success!<br/>";
		$_G['uid']=$login_user['uid'];
		$_G['username']=$login_user['username'];
		$_G['adminid']=$login_user['adminid'];
		$_G['groupid']=$login_user['groupid'];
		$_G['member']=$login_user;
		$_G['formhash']=formhash();
		dsetcookie("auth",$login_user['password'].'/'.$login_user['uid'],1800);
		return $login_user;
	}
	else
	{
		return array();
	}
}

function logout()
{
	global $_G;
	$_G['uid']=0;
	$_G['username']='';
	$_G['adminid']=0;
	$_G['groupid']=0;
	$_G['member']=array();
	$_G['formhash']=formhash();
	dsetcookie("auth",'',-1);
//	print "logout";
}

?>